YesAsia.com is a popular online retailer that sells Asian and Western products. Think of a website like Amazon.com, but with a focus on selling movies, music, and electronics to customers in Asian countries.

Unfortunately, it seems that cybercriminals are trying to take advantage of YesAsia's popularity by spamming out malicious emails posing as invoices.

Here's an example, claiming that the recipient's credit card has been charged for the purchase of a Logitech webcam and a Freecom external hard drive:

Click on the above image to see a larger version.

Be wary if you receive one of these emails, as the links do not point to yesasia.com but to a ZIP file on yesasia-invoices.com instead.

YesAsia-invoices.com is not a real YesAsia website, and was registered by somebody just yesterday for the purposes of duping PC owners into installing the malware.

The .ZIP file is detected by Sophos as Mal/BredoZp-B and the .EXE contained within is detected as the Troj/VB-FPL Trojan horse.

You should always be suspicious of unsolicited emails, and please remember to keep your anti-virus software up-to-date.

Virus total result for "Windefender.exe" which was found in the users %AppData% folder also found "Windefender.exe.jpg" stored in the temp folder of the users computer. It was logging the users keystrokes to a file named "windows" in the %AppData% folder as well

I had two copies of this email today. Both were sent to addresses associated (uniquely) with two Paypal accounts of mine (i.e., email address at my own domain with "paypal-something" before the @). Furthermore both emails were addressing me by my full name.

I can also vouch for this link to Paypal, I changed my name (due to divorce) on all accounts other than Paypal. I received the spam mail and was rather suprised to see it addressed to my old married name. Something I've not seen for 3 years...